7990971
Descripción
Test por Mohamed Yuosef, actualizado hace más de 1 año
|
Creado por Mohamed Yuosef
hace alrededor de 7 años
|
|
Pregunta 1
Pregunta
1.Which NAT type allows only objects or groups to reference an IP address?
Respuesta
-
A. Dynamic NAT
-
B. Dynamic PAT
-
C. Identity NAT
-
D. Static NAT
Pregunta 2
Pregunta
2. Which of these are characteristics of DHCP spoofing? (Choose three)
Respuesta
-
A. ARP poisoning
-
B. Physically modify the network gateway
-
C. Can access most network devices
-
D. Protect the identity of the attacker by masking their DHCP address
-
E. Man-in-the-middle attack
-
F. Modify traffic in transit
Pregunta 3
Pregunta
3. Which NAT option is executed first in the case of multiple NAT translations?
Respuesta
-
A. Static NAT with shortest prefix
-
B. Static NAT with longest prefix
-
C. Dynamic NAT with shortest prefix
-
D. Dynamic NAT with longest prefix
Pregunta 4
Pregunta
4. How can firepower block malicious email attachments?
Respuesta
-
A. It forwards email requests to an external signature engine
-
B. It scans inbound email messages for known bad URLs
-
C. It sends an alert to the administrator to verify suspicious email messages
-
D. It sends the traffic through a file policy
Pregunta 5
Pregunta
5. Which firewall configuration must you perform to allow traffic to flow in both directions between two zones?
Respuesta
-
A. Configure a single zone pair that allows bidirectional traffic flows from any zone except the self-zone
-
B. Configure two zone pairs, one for each direction
-
C. Configure a single zone pair that allows bidirectional traffic flows from any zone
-
D. Configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone
Pregunta 6
Pregunta
6. What mechanism does asymmetric cryptography use to secure data?
Respuesta
-
A. An MD5 hash
-
B. A public/private key pair
-
C. An RSA nonce
-
D. Shared secret keys
Pregunta 7
Pregunta
7. Which statement about IOS privilege levels is true?
Respuesta
-
A. Each privilege level is independent of all other privilege levels
-
B. Each privilege level supports the commands at its own level and all levels above it
-
C. Privilege-level commands are set explicitly for each user
-
D. Each privilege level supports the commands at its own level and all levels below it
Pregunta 8
Pregunta
8. Your security team has discovered a malicious program that has been harvesting the CEO's email messages and the company's user database for the last 6 months. What type of attack did your team discover? (Choose two)
Respuesta
-
A. Social activism
-
B. Targeted malware
-
C. Drive-by spyware
-
D. Polymorphic virus
-
E. Advanced persistent threat
Pregunta 9
Pregunta
9. What is a valid implicit permit rule for traffic that is traversing the ASA firewall?
Respuesta
-
A. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only
-
B. Only BPDUs from a higher security interface to a lower security interface are permitted in routed mode
-
C. Unicast IPv4 traffic from a higher security interface to a lower security interface is permitted in routed mode only
-
D. Only BPDUs from a higher security interface to a lower security interface are permitted in transparent mode
-
E. ARPs in both directions are permitted in transparent mode only
Pregunta 10
Pregunta
10. What is the effect of the following command: “Crypto ipsec transform-set my set esp-md5-hmac esp-aes-256”
Respuesta
-
A. It configures encryption to use MD5 HMAC
-
B. It configures authentication to use MD5 HMAC
-
C. It configures encryption to use AES-256
-
D. It configured authentication to use AES-256
-
E. It configures authorization to use AES-256
Pregunta 11
Pregunta
11. Which of the following statements about access lists are true? (Choose three)
Respuesta
-
A. Extended access lists should be placed as near as possible to the destination
-
B. Standard access lists should be placed as near as possible to the source
-
C. Extended access lists should be placed as near as possible to the source
-
D. Standard access lists should be placed as near as possible to the destination
-
E. Standard access lists filter on the source address
-
F. Standard access lists filter on the destination address
Pregunta 12
Pregunta
12. In which two situations should you use in-band management? (Choose two)
Respuesta
-
A. When a network device fails to forward packets
-
B. When management applications need concurrent access to the device
-
C. When you require administrator access from multiple locations
-
D. When you require ROMMON access
-
E. When the control plane fails to respond
Pregunta 13
Pregunta
13. In which two situations should you use out-of-band management? (Choose two)
Respuesta
-
A. When a network device fails to forward packets
-
B. When management applications need concurrent access to the device
-
C. When you require administrator access from multiple locations
-
D. When you require ROMMON access
-
E. When the control plane fails to respond
Pregunta 14
Pregunta
14. Which command enable ospf authentication?
Respuesta
-
A. ip ospf authentication message-digest
-
B. network 192.168.10.0 0.0.0.255 area 0
-
C. area 20 authentication message-digest
-
D. ip ospf message-digest-key 1 md5 CCNA
Pregunta 15
Pregunta
15.Which command help user1 to use enable,disable,exit&etc commands?
Respuesta
-
A. catalyst1(config)#username user1 privilege 0 secret us1pass
-
B. catalyst1(config)#username user1 privilege 1 secret us1pass
-
C. catalyst1(config)#username user1 privilege 2 secret us1pass
-
D. catalyst1(config)#username user1 privilege 5 secret us1pass
Pregunta 16
Pregunta
16. Command ip ospf authentication key 1 is implemented in which level?
Respuesta
-
A. Interface
-
B. process
-
C. global
-
D. enable
Pregunta 17
Pregunta
17. Which line in the following OSPF configuration will not be required for MD5 authentication to work?
ip address 192.168.10.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 CCNA
!
router ospf 65000
router-id 192.168.10.1
area 20 authentication message-digest
network 10.1.1.0 0.0.0.255 area 10
network 192.168.10.0 0.0.0.255 area 0
Respuesta
-
A. ip ospf authentication message-digest
-
B. network 192.168.10.0 0.0.0.255 area 0
-
C. area 20 authentication message-digest
-
D. ip ospf message-digest-key 1 md5 CCNA
Pregunta 18
Pregunta
18. Which of the following pairs of statements is true in terms of configuring MD authentication?
Respuesta
-
A. Interface statements (OSPF, EIGRP) must be configured; use of key chain in OSPF
-
B. Router process (OSPF, EIGRP) must be configured; key chain in EIGRP
-
C. Router process (only for OSPF) must be configured; key chain in EIGRP
-
D. Router process (only for OSPF) must be configured; key chain in OSPF
Pregunta 19
Pregunta
19. which are two valid TCP connection states (pick 2) is the gist of the question?
Respuesta
-
A. SYN-RCVD
-
B. Closed
-
C. SYN-WAIT
-
D. RCVD
-
E. SENT
Pregunta 20
Pregunta
20. What is example of social engineering?
Respuesta
-
A. Gaining access to a building through an unlocked door.
-
B. something about inserting a random flash drive.
-
C. gaining access to server room by posing as IT
-
D. Watching other user put in username and password (something around there)
¿Quieres crear tus propios Tests gratis con GoConqr? Más información.